UNPKG

snyk-nodejs-lockfile-parser

Version:

Generate a dep tree given a lockfile

github.com/snyk/nodejs-lockfile-parser

snyk/nodejs-lockfile-parser

99 lines 4.3 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.Yarn2LockParser = void 0; const js_yaml_1 = require("js-yaml"); const yarnCore = require("@yarnpkg/core"); const lock_parser_base_1 = require("./lock-parser-base"); const _1 = require("."); const config_1 = require("../config"); const errors_1 = require("../errors"); const yarn_utils_1 = require("./yarn-utils"); class Yarn2LockParser extends lock_parser_base_1.LockParserBase { constructor() { super(_1.LockfileType.yarn2, config_1.config.YARN_TREE_SIZE_LIMIT); } parseLockFile(lockFileContents) { try { const rawYarnLock = (0, js_yaml_1.load)(lockFileContents, { json: true, schema: js_yaml_1.FAILSAFE_SCHEMA, }); delete rawYarnLock.__metadata; const dependencies = {}; const structUtils = yarnCore.structUtils; const parseDescriptor = structUtils.parseDescriptor; const parseRange = structUtils.parseRange; const keyNormalizer = (0, yarn_utils_1.yarnLockFileKeyNormalizer)(parseDescriptor, parseRange); Object.entries(rawYarnLock).forEach(([fullDescriptor, versionData]) => { keyNormalizer(fullDescriptor).forEach((descriptor) => { dependencies[descriptor] = versionData; }); }); return { dependencies, lockfileType: _1.LockfileType.yarn2, object: dependencies, type: _1.LockfileType.yarn2, }; } catch (e) { throw new errors_1.InvalidUserInputError(`yarn.lock parsing failed with an error: ${e.message}`); } } async getDependencyTree(manifestFile, lockfile, includeDev = false, strictOutOfSync = true) { const depTree = await super.getDependencyTree(manifestFile, lockfile, includeDev, strictOutOfSync); const meta = { lockfileVersion: 2, packageManager: 'yarn' }; const depTreeWithMeta = Object.assign(Object.assign({}, depTree), { meta: Object.assign(Object.assign({}, depTree.meta), meta) }); return depTreeWithMeta; } getDepMap(lockfile, resolutions) { const yarnLockfile = lockfile; const depMap = {}; const dependencies = lockfile.dependencies || {}; for (const [depName, dep] of Object.entries(yarnLockfile.object)) { const subDependencies = Object.entries(Object.assign(Object.assign({}, (dep.dependencies || {})), (dep.optionalDependencies || {}))).map(([key, ver]) => findResolutions(dependencies, depName, key, resolutions) || `${key}@${ver}`); depMap[depName] = { labels: { scope: _1.Scope.prod, }, name: getName(depName), requires: subDependencies, version: dep.version, }; } return depMap; } getDepTreeKey(dep) { return `${dep.name}@${dep.version}`; } } exports.Yarn2LockParser = Yarn2LockParser; function getName(depName) { return depName.slice(0, depName.indexOf('@', 1)); } function findResolutions(dependencies, depName, subDepKey, resolutions) { if (!resolutions) return; const resolutionKeys = Object.keys(resolutions); const index = depName.indexOf('@', 1); const name = depName.slice(0, index); const version = depName.slice(index + 1); const firstMatchingResolution = resolutionKeys.find((res) => { if (!res.endsWith(subDepKey)) { return false; } const leadingPkg = res.split(subDepKey)[0].slice(0, -1); const noSpecifiedParent = !leadingPkg; const specifiedParentMatchesCurrentDep = leadingPkg === name; const specifiedParentWithVersionMatches = leadingPkg.includes(name) && leadingPkg.includes(dependencies[`${name}@${version}`].version); return (noSpecifiedParent || specifiedParentMatchesCurrentDep || specifiedParentWithVersionMatches); }); if (resolutionKeys && firstMatchingResolution) { return `${subDepKey}@${resolutions[firstMatchingResolution]}`; } } //# sourceMappingURL=yarn2-lock-parser.js.map